Apple AirTag Bug Enables ‘Good Samaritan’ Attack
The new $30 Airtag tracking device from Apple has a feature that allows anyone who finds one of these tiny…
Backdoor.Win32.Hupigon.afjk Authentication Bypass / Code Execution
Authored by malvuln | Site malvuln.com Backdoor.Win32.Hupigon.afjk malware suffers from bypass and code execution vulnerabilities. Change Mirror Download Discovery /…
Microsoft Warns of ‘FoggyWeb’ Malware Targeting AD FS Servers
The attack group Microsoft tracks as Nobelium is using a new post-exploitation backdoor capable of stealing sensitive data from a…
WordPress Wappointment 2.2.4 Cross Site Scripting
Authored by Renos Nikolaou WordPress Wappointment plugin version 2.2.4 suffers from a persistent cross site scripting vulnerability. Change Mirror Download…
Microsoft Adds Emergency Threat Mitigation to Its Exchange Server Software
Microsoft has baked a new threat mitigation feature into Exchange Server that will roll out this week as part of its September 2021…
OpenVPN Monitor 1.1.3 Cross Site Request Forgery
Authored by Sylvain Heiniger, Emanuel Duss OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability…
OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
Authored by Sylvain Heiniger, Emanuel Duss OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows…
US CISA, FBI, and NSA warn an escalation of Conti ransomware attacks
CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang […] The…
Backdrop CMS 1.20.0 Cross Site Request Forgery / Command Execution
Authored by V1n1v131r4 Backdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in…
FamousSparrow APT Group Flocks to Hotels, Governments, Businesses
A cyberespionage group dubbed FamousSparrow is targeting hotels, governments, and private businesses around the world, leveraging the ProxyLogon Microsoft Exchange…